WO2015109360A1 - Personal identification system and method - Google Patents

Personal identification system and method Download PDF

Info

Publication number
WO2015109360A1
WO2015109360A1 PCT/AU2015/000026 AU2015000026W WO2015109360A1 WO 2015109360 A1 WO2015109360 A1 WO 2015109360A1 AU 2015000026 W AU2015000026 W AU 2015000026W WO 2015109360 A1 WO2015109360 A1 WO 2015109360A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
data
biometric
information
processor
Prior art date
Application number
PCT/AU2015/000026
Other languages
English (en)
French (fr)
Inventor
Peter Cherry
Aaron Cope MAHER
Dion Jaye MAHER
Original Assignee
Circurre Pty Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2014900181A external-priority patent/AU2014900181A0/en
Application filed by Circurre Pty Ltd filed Critical Circurre Pty Ltd
Priority to RU2016133951A priority Critical patent/RU2016133951A/ru
Priority to KR1020167022486A priority patent/KR20160111447A/ko
Priority to PCT/AU2015/000026 priority patent/WO2015109360A1/en
Priority to US15/112,590 priority patent/US10127367B2/en
Priority to EP15741074.7A priority patent/EP3097515B1/en
Priority to JP2016564355A priority patent/JP6562947B2/ja
Priority to CN201580005136.4A priority patent/CN106415610B/zh
Publication of WO2015109360A1 publication Critical patent/WO2015109360A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/0716Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips at least one of the integrated circuit chips comprising a sensor or an interface to a sensor
    • G06K19/0718Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips at least one of the integrated circuit chips comprising a sensor or an interface to a sensor the sensor being of the biometric kind, e.g. fingerprint sensors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Definitions

  • the present invention relates generally to a system and method for identifying an individual based on an analysis of one or more biometric readings taken from the individual, and in particular, to a system and method for identifying an individual for facilitating secure transactions of personal information.
  • the use of personal devices to store user information for electronic transfer between a source and the owner of the personal device is commonplace.
  • the most common form of such a personal device is a credit card that stores information relating to the user's financial details such that by merely transferring information between the credit card and a merchant, a financial transaction can be completed without the need for any physical exchange of money between the user and the merchant.
  • passports contain electronic chips which store personal information about the passport holder which can be simply exchanged between an appropriate reading device at a passport checking station to receive and review the personal information about the passport holder.
  • Such a transfer of information is both convenient and simple so as to greatly improve processing of passport holders at airports and other appropriate checking stations.
  • a personal device such as a card
  • identity theft enables other parties who acquire the personal information of the card owner to use this information to access the card owner's bank account details or similar private possessions and engage in criminal activity.
  • a variety of solutions have been proposed to make personal devices, such as credit cards, more secure and prevent identity theft. Such solutions have incorporated the provision of passwords in association with the devices such that the device can only be used after they are activated by the entry of a unique code or password. Similarly, some devices have also incorporated the provision of a sensor device to obtain a biometric reading from the user, such as a fingerprint reading, which can be compared with a stored biometric reading to determine whether the user is authorised to use the card.
  • the present Applicant has proposed an improved means for using biometric information to prevent fraud in the usage of smart cards and the like in their copending International PCT Patent Application No. PCT/AU2013/000834.
  • This application discloses an improved method for controlling the exchange of information and activating the card upon determination of a match between the biometric information detected and that stored within the device.
  • a device for facilitating an exchange of personal information between a user and a third party comprising: a body configured to be carried by a user; a contact pad provided on a surface of the body, the contact pad being configured to be contacted by the user and comprises a plurality of sensor elements for taking a plurality of biometric readings from the user for verification purposes; a data storage module provided with said body for storing personal data about said user together with said user's biometric data; a processor for processing said biometric readings obtained by the plurality of sensor elements and comparing said biometric readings against the user's stored biometric data to confirm identity of the user, the processor being further configured to facilitate a transfer of said user's personal data with the third party upon confirmation of the identity of the user; and a power supply provide with said body, the power supply being selectively connectible to the processor to supply power to the processor when the identity of the user is confirmed.
  • the body comprises a card.
  • the card may be a credit card or smart card for use in financial transactions.
  • the contact pad may comprise a contact surface having a plurality of sensor elements embedded therein.
  • the plurality of sensor elements may be arranged in one or more layers to provide a plurality of biometric readings from said user when said user is in contact with said contact pad.
  • the contact pad may be configured to receive a finger or thumb of said user.
  • At least one of the plurality of sensor elements may comprise a sensor element for measuring the electrokinetic energy of the user upon contact with the contact pad.
  • the processor may be configured to detect the electrokinetic energy of the user in the absence of power supplied by the power supply to determine that the user is in a live state.
  • the processor upon detecting the presence of electrokinetic energy, may connect the power supply to the processor for supplying power thereto.
  • At least one of the plurality of sensors may further comprise a sensor element for measuring at least one of electrocardiography data, electromyogram data, pulse oximetry data, arterial pulse data, trans hand impedance data of the user.
  • the data storage module may comprise a memory for storing said personal data and said user biometric data.
  • the personal data stored in said memory may comprise data associated with said user's financial and/or private particulars.
  • a method for verifying an identity of a user of a device for facilitating an exchange of information between the user and a third party comprising: facilitating direct contact between the user and the device; determining the presence of electrokinetic energy associated with said direct contact; upon determining the presence of electrokinetic energy associated with said direct contact: facilitating the supply of electrical power to said device; obtaining a biometric reading from said user through said direct contact; assessing whether the obtained biometric reading from said user matches with a stored biometric reading taken from a registered user of the device; disrupting the supply of electrical power to said device to prevent further use of said device by the user when said obtained biometric reading does not match said stored biometric reading of said registered user; determining whether a level of security set for said exchange of information has been met when said obtained biometric reading matches said stored biometric reading of said registered user; and facilitating said exchange of information between said user and said third party upon said level of security being met.
  • the step of facilitating direct contact between the user and the device may comprise providing a contact pad on said device for receiving said user's finger or thumb thereon.
  • the contact pad may comprise a plurality of sensor elements for taking a plurality of biometric readings from said user.
  • the step of determining the presence of electrokinetic energy associated with said direct contact may comprise one of said plurality of sensor elements detecting said electrokinetic energy. Upon said sensor element not detecting the presence of electrokinetic energy associated with the direct contact, the device may be retained in a deactivated state.
  • the step of facilitating the supply of electrical power to the device may comprise a processor provided with said device selectively connecting the device to the power supply.
  • the step of obtaining a biometric reading from said user through said direct contact may comprise obtaining any one or more of one of electrokinetic energy data, electrocardiography data, electromyogram data, pulse oximetry data, arterial pulse data, trans-hand impedance data from the plurality of sensor elements.
  • the step of determining whether the level of security set for the exchange of information has been set may comprise determining whether the number of assessments of the obtained biometric data against the stored biometric data has been met. If the level of security set for the exchange of information has not been met, further assessments of the obtained biometric data against the stored biometric data may be made.
  • a system for verifying an identity of a user to facilitate an exchange of information between the user and a third party comprising: one or more sensor devices associated with said user, each sensor device being configured to obtain a biometric reading from the user; a personal device carried by the user, the personal device being configured to receive the one or more biometric readings from the one or more sensor devices and to process the biometric readings to determine a biometric function for the user based on said biometric readings; wherein the personal device is further configured to compare the determined biometric function for the user against a stored biometric function stored on the personal device associated with a registered user for that personal device, and should the determined biometric function substantially correspond with the stored biometric function, exchange of information is facilitated between the user and the third party.
  • a method for verifying an identity of a user of a device for facilitating an exchange of information between the user and a third party comprising: obtaining a plurality of biometric readings from one or more sensor devices associated with a user; processing a plurality of the biometric readings to form a combined biometric function for the user; comparing the combined biometric function for the user against a predetermined biometric function associated with a registered user of that device; determining whether the user is the registered user of the device; and facilitating the exchange of information between the user and the third party upon determination that the user is the registered user.
  • Fig. 1 is a depiction of an embodiment of a personal device incorporating the features of the present invention
  • Fig. 2 is a block diagram representing the system of the present invention for facilitating an exchange of information between a user and a third party;
  • Fig. 3 is a block diagram depicting an embodiment of an internal circuit architecture of the personal device of Fig. 1 ;
  • Fig. 4 is a cross sectional view of an embodiment of an integrated sensor device in accordance with the present invention.
  • Fig. 5 is a logic diagram depicting an embodiment of the manner in which the biometric information obtained from the integrated sensor of Fig. 4 can be used to determine a detected user's bio-function;
  • Fig. 6 is a flow chart depicting an embodiment of a method for verifying an identity of a user of the device.
  • the present invention will be described below in relation to a card for performing financial transactions over a network in a secure and controlled manner. However, it will be appreciated that the present invention may be employed to facilitate a variety of secure transactions or exchanges of information for a variety of different purposes, while still embodying the spirit of the present invention. Further, the device of the present invention may take a variety of forms other than a card, as would be appreciated by those skilled in the art. In this regard, the present invention could be employed as part of a system and method for fraud prevention, as discussed in the Applicant's co-pending International PCT Patent Application No. PCT/AU2013/000834, the entire contents of which are incorporated herein by reference.
  • the card 10 may be a smartcard, credit card or digital wallet that stores infomiation about the user and is carried by the user for use in a variety of different applications, such as performing financial transactions or proving the user's identity.
  • the card 10 generally comprises a body 12 made from a sufficiently rigid material, such as a plastic material having sufficient rigidity and durability.
  • the card 10 may contain electronic circuitry embedded therein which stores and processes information to facilitate a transaction between the registered user of the card 10 and a third party, such as a merchant or trader. The manner in which the electronic circuitry embedded within the card 10 is configured will be described in more detail below.
  • the card generally comprises a transmitter for transmitting information to a linked communication device to facilitate use of the device.
  • the linked communication device may be any number of common communication devices such as a smart phone or tablet containing appropriate compatible software, or a merchant transmission device for facilitating financial transaction over a secure network.
  • the card 10 comprises a sensor device 14, such as a contact pad, that acts to control the manner in which the card is to be used.
  • the sensor device 14 will be described in more detail below but functions to obtain biometric readings from the user of the card to not only activate the card for use, but to ensure that the user of the card 10 is the registered owner of the card.
  • the sensor device 14 is positioned on the card 10 to provide a physical interface between the user of the card and the embedded electronic circuitry to obtain one or more measurements of biometric information from the user for processing by the embedded electrical circuitry as required.
  • the sensor device may include appropriate circuitry to detect electrokinetic energy associated with the user as the user makes contact with the sensor device 14 to facilitate activation or "powering-up" of the card 10. This activation can be performed as part of the sensing function such that the sensor device not only reads the user's biometrics but also uses the energy associated therewith to activate the device for use.
  • the card 10 Whilst the card 10 is depicted as comprising a sensor device 14 for taking biometric readings from a user as the user contacts the card, the card 10 may also be able to communicate with one or more remote sensor devices that may be worn or carried by the user and which are able to transmit biometric readings taken from the user at the remote site for processing by the embedded electrical circuitry of the card.
  • body worn sensor devices may include wrist or arm band devices, implanted devices or any other form of device that is attached to the user's body and is capable of taking biometric readings from the user.
  • the overall system of the present invention is depicted in Fig. 2.
  • the overall system essentially comprises three separate sub-systems 52, 54, 56 to facilitate a secure transaction of information between the user's card 10 and a third party 60, such as a merchant or financial institution.
  • Sub-system 52 generally comprises the initiating componentry of the present invention, namely the sensor device 14 that is integrated with the card 10, remote sensors 50 and embedded circuitry provided within the card 10 to validate the user of the card 10 at the point at which the card is being used.
  • the card 10 may also contain relevant electronic componentry to facilitate processing of the appropriate information for transmission to sub-system 54.
  • Sub-system 54 generally comprises communication devices 55 which contain the necessary software to facilitate the exchange of information from the card 10 to the third party 60 over a network.
  • the communication devices 55 may be in the form of personal computers, laptops, mobile phones, tablets, or any other similar electronic device that stores appropriate software application to facilitate the secure connectivity with the remote third party for the transmission of the information from the card 10 to the sub-system 56.
  • Sub-system 56 generally comprises a remote server 57 that manages the transfer of data between the card 10 and the third party 60.
  • the remote server 57 may co-ordinate the transfer of information between the third party 60 and the user of the card 10 and may comprise software to encrypt transactions with the third party 60, as well as software updates for each of the communication devices 55 of sub-system 54 and the subsystem 52.
  • this transmission is over a distributed network, such as the internet to enable confidential information to be shared between the user of the card and the third party, for a variety of different purposes.
  • the present invention is substantially directed towards sub-system 52 which facilitates activation and authentication of the card at the point of use and is able to be used with a variety of different merchant and/or security systems.
  • a sensor device 14 suitable for use with the card 10 in accordance with the present invention is depicted in Fig. 3.
  • the sensor device 14 comprises four (4) separate sensors 20, 22, 24 and 26 for obtaining biometric information from the user of the card 10. It will be appreciated that other remotely positioned sensors may also be employed for obtaining biometric information; however, for ease of understanding, the present embodiment will focus on each of the readings being taken from the sensor device 14. By providing multiple sensors, a combined biometric function can be calculated for the user and stored against their profile to provide an enhanced level of security for the device.
  • sensor 20 may be in the form of a fingerprint sensor that obtains a raw image of the user's fingerprint which is then processed to perform conventional pattern matching or minutiae matching according to well known principles to assess the image taken by the sensor 20 against a stored image for the user.
  • Sensor 22 may be in the form of proximity sensor that is able to determine the presence or otherwise of the user which may be used as an input to activate or energise the system.
  • a sensor 22 detects body energy or electrokinetic energy (EKE) associated with the user.
  • EKE can be described as the electrical energy generated by the human body.
  • mammalian blood cells carry a surface charge that is proportional to the electric mobility of the cell, as those charged cells are passed around the circulatory system, an induced current is produced that creates a small varying magnetic field that can be harnessed to induce an electrical charge.
  • the sensor 22 is able to detect this EKE charge generated by the user and can use this charge for two purposes.
  • the detection of a charge by the sensor 22 can be used to determine whether the contact made with the sensor is from a living person. This "liveness" detection can be used by the present system as an initial measurement to activate or energise the device to enable it to take and assess biometric readings from the user for verification purpose.
  • the amount of EKE and the properties of the EKE generated by an individual is unique, and these properties can be used by the present system to identify the user and authenticate that the user of the device is the registered user, as will be discussed in more detail below.
  • Sensor 24 may be in the form of a bio-signal sensor that is capable of measuring bioelectric signals like ECG, EMG, EDG and EEG obtained through contact with the user.
  • Sensor 26 may be an IR Based sensor that may be used to obtain an IR image of the user to determine location of veins on the user's hand/finger, the distribution or branching pattern of which may be unique to the user.
  • biometric information may include:
  • Electrocardiography (ECG information) - This information relates to the electrical activity of the user's heart. During each heart beat the heart emits a series of electrical discharge spikes that can be obtained from electrodes placed on the user's body. As each person's heart differs in size, anatomical configuration and orientation, there is a unique signature of voltages in each person's surface ECG reading. This information could be used as part of the user's determined biometric function;
  • Pulse Oximetry - This information relates to the level of oxygen saturation or dissolved oxygen that is carried by a person's blood. By obtaining a pulse oximetry wave from a user it is possible to obtain a unique biometric information from a user which can also be used to form part of the user's determined biometric function;
  • obtaining a peripheral arterial pulse wave reading from an individual is directly related to the user's aortic pulse, which is a unique characteristic of an individual and contains frequency characteristics which are likely to be unique between individuals. Due to the nature of the readings able to be obtained, the readings are able to be analysed using standard techniques such as Fast Fourier Transform (FFT) and machine learning system techniques;
  • FFT Fast Fourier Transform
  • Trans Hand Impedance - By determining the capacitance of the user's hand it may be possible to use this information as part of the user's determined biometric function;
  • Pattern of Dorsal Knuckle skin folding - Readings of the user's folding pattern on the dorsal surfaces of the knuckles may be taken as a biometric reading for use in determining the user's biometric function.
  • a charge coupled device (CCD) is able to capture such images and the images could be processed, sorted and classified accordingly;
  • a sensor may take an image of the user's palm to determine the presence of unique crease lines for use in generating the user's biometric function
  • a sensor may take an image of the size and shape of the user's fingers and/or hand and process the information to characterise the information for use as part of the user's biometric function.
  • biometric information provides unique data about the user which can be used to form part of the registered user's calculated biometric function and to detect whether the detected user's biometric information matches that of the registered user
  • other user specific biometric information may also be obtained for such purposes.
  • the sensors for obtaining these readings may be worn by the user or implanted within the user and be capable of transmitting data via a wireless link to the embedded electronics stored within the card 10.
  • the biometric information may also include other information, such as password information, audio based information and iris scanning.
  • a number of separate sensors may preferably be incorporated in to a single integrated sensor 25.
  • One embodiment of an integrated sensor structure is depicted as reference numeral 25 in Fig. 4.
  • the integrated sensor 25 is depicted as a multi-layer structure having the sensors embedded therein.
  • the bioelectric signal sensors 24 are embedded within a protective film layer 11 so as to be located at the surface of the integrated sensor 25 to be in direct contact with the user's finger 5.
  • the fingerprint sensor 20 is positioned below the protective film layer 11, to obtain an image of the user's finger 5.
  • the IR sensor 26 may then be positioned below the fingerprint sensor to take an IR image of the user's finger 5.
  • a printed circuit board (PCB) 13 may be provided to facilitate control of the sensors and retrieval of the relevant biometric information from the sensors 20, 24, 26.
  • Appropriate supportive componentry 15 may be then be provided below the PCB so as to be in electrical contact therewith to facilitate measurement and transmission of the sensory signals to the embedded electronic circuitry of the card 10, by way of a connector interface 16 that facilitates two- way transfer of data and power between the integrated sensor 25 and the embedded electronic circuitiy of the card 10.
  • a connector interface 16 that facilitates two- way transfer of data and power between the integrated sensor 25 and the embedded electronic circuitiy of the card 10.
  • Other structural arrangements for forming the integrated sensor 25 are also envisaged.
  • each of the readings taken from each of the sensors 20, 22, 24, 26 are transferred from the integrated sensor 25 to associated preprocessing circuitry 21, 23, 27.
  • the pre-processing circuitry processes the raw data obtained by the sensors in accordance with the type of biometric information being collected by the corresponding sensor, to generate a conditioned signal 21a, 23 a, 27a.
  • the circuitry of the integrated sensor is depicted as being separate to the circuitry of the card 10; however, as will be appreciated by those skilled in the art, the integrated sensor may include both the subsystem 25 and the subsystem 14 and associated circuitry and componentry and still fall within the spirit of the present invention.
  • Each of the conditioned signals 21a, 23a and 27a contain pre-processed data relating to the readings obtained from each of the associated sensors of the integrated sensor 25. These conditioned signals are then received by the microprocessor 28 of the embedded electronic circuitry of the card 10 for processing.
  • the microprocessor 28 may be a DSP that is able to receive the multiple conditioned signals and convert these signals into a single user specific bio-function in accordance with a predetermined algorithm.
  • FIG. 5 An embodiment depicting the manner in which the microprocessor 28 processes the multiple conditioned signals 21a, 23a and 27a into the user specific bio- function 40 is shown in Fig. 5.
  • the microprocessor 28 filters the conditioned signals to remove any noise present therein.
  • the filtered signals are then each analysed to identify the specific metric(s) of interest in accordance with the type of signal being processed. Once the specific metric(s) have been identified the metrics are processed to determine a measured parameter that can be then used to generate the detected bio-function for the detected user.
  • Conditioned signal 27a is obtained by sensor 27 which performs an ECG analysis of the user at the integrated sensor 25.
  • the resulting conditioned signal is an ECG signal and is received by the microprocessor 28 and filtered accordingly, to remove any noise or unwanted artefacts that may be present in the signal 27a.
  • the signal is then analysed to identify the metric of interest, which in this example is the detected user's heart rate. This information is then extracted from the signal. Once the heart rate information is extracted the microprocessor then measures the heart rate, which in the example provided, generates a heart rate of 70 beats per minute. This information can then be used to generate the detected user's bio-function.
  • the bio-function may comprise one or a combination of biometric information obtained from the user when accessing the integrated sensor 25.
  • the microprocessor 28 is able to isolate specific parameters of interest.
  • the microprocessor 28 is in communication with a memory 29 which is able to store and retrieve information located therein. In this regard, the microprocessor 28 may merely compare the generated detected user's bio-function f(bio)(t) against a stored registered user's bio-function to assess whether the stored and detected values match. If the detected value and the stored value match, or are within a predetermined tolerance, the microprocessor may confirm that the user is authorised to proceed with the transaction and activate the card 10 accordingly.
  • the embedded electronic circuitry of the card 10 may include a power management system 30 which provides power to the relevant components of the system under the control of the microprocessor 28.
  • the microprocessor 28 may also be in communication with an external interface controller 31 that includes a transmitter/receiver and appropriate protocol software to facilitate secure transmission between the card and an external communication device, as discussed previously.
  • a transmitter/receiver may also receive data from remotely located sensor devices as previously discussed.
  • the protocol software embedded within the device may prevent communication of the embedded electronic circuitry of the card 10 with any remote device that does not contain the appropriate software application.
  • the system of the present invention is able to take multiple biometric measurements from the user of the device, the system is able to provide multiple levels of authentication using one or more of these measurements.
  • the system may take a reading of the user's electrokinetic energy (EKE) to energise the device after which the user's fingerprint may be used for authentication.
  • EKE electrokinetic energy
  • the detection of EKE upon the user contacting the sensor surface provides a first initial authentication that the user is present and is alive. This is sufficient to facilitate energisation of the device, typically by using the presence of EKE to trigger the power supply of the device to power the embedded electronic circuitry so that the device becomes operational.
  • Level 2 authentication a further step of making a reading and comparison of the user's ECG data can be made as part of the assessment.
  • Level 3 authentication an additional step of taking a reading of the user's pulse oximetry may be added.
  • an additional level of verification may assess the parameters of the detected EKE from the user against stored parameters to determine whether the user's EKE profile matchers that of the registered user's EKE profile stored with the device.
  • Other levels and combinations of biometric readings may also be employed as discussed below in relation to Table 1, depending upon the security level requirement.
  • step 51 the user may initiate contact with the integrated sensor of the device to initiate a transaction.
  • the transaction may be in the form of a product purchase where the device is a credit card or the like. This contact may involve the user placing their finger or thumb on the integrated sensor pad as discussed previously and depicted in Fig. 4.
  • the integrated circuit contained within the device detects the presence of electrokinetic energy (EKE) associated with the user's contact and if there is no detection of electrokinetic energy (EKE), the device determines that the contact is not made be a "living" human and does not energise the device for usage. As such, the device remains in a non-activated state as depicted by step 53.
  • EKE electrokinetic energy
  • the integrated circuit of the device detects the presence of EKE and hence makes an initial assessment that the user is a living being, the device is then energised and power is supplied to the remaining elements of the integrated circuit to enable a reading of biometric information from the user to be obtained by the integrated sensor at step 54.
  • the integrated sensor of the device may take a reading of the user's fingerprint as an initial authentication step.
  • step 55 the reading taken by the user's fingerprint is assessed against a reading stored in the memory of the integrated circuit to determine whether the reading is a match with the stored biometric information. If the fingerprint reading does not match the stored reading, then the transaction is stopped and the device is returned to a non-activated state as depicted by step 56. If step 55 determines that the fingerprint reading obtained in step 54 is a match with the fingerprint data stored within the integrated circuit, the integrated circuit checks to see the security level setting for the transaction in step 57. If the security level setting is a Level 1 setting or equivalent, as indicated in Table 1, the integrated circuit software will determine that the level of security has been achieved and will allow the transaction to proceed in step 58.
  • step 57 determines that the security level for that transaction is greater than Level 1, the integrated circuit software will request a further assessment of biometric data to be taken from the user and will return to step 54.
  • the integrated sensor of the device will take an ECG measurement for assessment against ECG data stored for the user in the integrated circuit memory in step 55. This cycle will be further repeated; depending upon the security level set for the transaction, until either the transaction is facilitated or stopped.
  • the personal information stored on the card/device is only available for transaction/authentication purposes after the transaction is facilitated in step 58. Prior to this, the card is inactive for use and no access to the personal information stored on the card is allowed.
  • the system of the present invention is able to utilise multiple sensor technologies and receive data from such technologies for assessment by the single device to determine the identity of the user. Whilst the present invention has been described incorporating multiple sensors into a single device, it will be appreciated that the system of the present invention could communicate with multiple sensor devices worn or attached to a user to obtain and process the information within the single device. In this regard, the multiple remote sensor devices may be wirelessly connected to communicate with the single device.
  • the present invention could also be used to monitor a user's bio-signals over an extended period of time so as to compensate for changes in these signals as the user ages or changes over time.
  • improved security is possible to protect the information contained within the card from unauthorised access.
  • the equation described above for determining the user's bio-function may include a time component. This may be particularly relevant when the data collected relates to the user's blood pressure, pulse rate or similar biometric readings that may change over time.
  • the present invention may also be able to receive data from sensors including audio (voice) recognition sensors, iris scanning sensors and electrocorticography (ECoG) sensors to provide improved verification of identity.
  • EoG electrocorticography
  • system and method of the present invention has multiple applications which can enable the user to make secure financial transactions; store personal identifying information (i.e. passport, driver license); and provide an identity verification service for non-financial transactions, such as website log-in and the like.
  • the system and method of the present invention could also securely store and control the release of valuable information such as patient medical records, which enables a user to carry such information in a convenient manner without fear of the information becoming publically available.
  • the level of identification verification may vary depending upon the transaction being undertaken. For example, the amount of identification verification to access a website, such as Facebook®, may be considerably lower than that required to conduct a financial transaction.
  • the present system and method is able to provide a tiered level of identity verification, whereby the combination of sensors used may vary depending upon the level of authentication required.
  • a "points system could be employed which determines the level of authentication required.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Automation & Control Theory (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
  • Measurement And Recording Of Electrical Phenomena And Electrical Characteristics Of The Living Body (AREA)
PCT/AU2015/000026 2014-01-21 2015-01-21 Personal identification system and method WO2015109360A1 (en)

Priority Applications (7)

Application Number Priority Date Filing Date Title
RU2016133951A RU2016133951A (ru) 2014-01-21 2015-01-21 Система и способ персональной идентификации
KR1020167022486A KR20160111447A (ko) 2014-01-21 2015-01-21 개인용 식별 시스템 및 방법
PCT/AU2015/000026 WO2015109360A1 (en) 2014-01-21 2015-01-21 Personal identification system and method
US15/112,590 US10127367B2 (en) 2014-01-21 2015-01-21 Personal identification system having a contact pad for processing biometric readings
EP15741074.7A EP3097515B1 (en) 2014-01-21 2015-01-21 Personal identification system and method
JP2016564355A JP6562947B2 (ja) 2014-01-21 2015-01-21 個人識別システム及び方法
CN201580005136.4A CN106415610B (zh) 2014-01-21 2015-01-21 个人识别系统和方法

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
AU2014900181A AU2014900181A0 (en) 2014-01-21 Personal identification system and method
AU2014900181 2014-01-21
PCT/AU2015/000026 WO2015109360A1 (en) 2014-01-21 2015-01-21 Personal identification system and method

Publications (1)

Publication Number Publication Date
WO2015109360A1 true WO2015109360A1 (en) 2015-07-30

Family

ID=53680508

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2015/000026 WO2015109360A1 (en) 2014-01-21 2015-01-21 Personal identification system and method

Country Status (7)

Country Link
US (1) US10127367B2 (ja)
EP (1) EP3097515B1 (ja)
JP (1) JP6562947B2 (ja)
KR (1) KR20160111447A (ja)
CN (1) CN106415610B (ja)
RU (1) RU2016133951A (ja)
WO (1) WO2015109360A1 (ja)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017123098A1 (en) * 2016-01-12 2017-07-20 Kk88.No As A method for verifying the identity of a person
CN107851207A (zh) * 2015-08-07 2018-03-27 维普公司 安全保护的无源rifd装置
FR3058544A1 (fr) * 2016-11-08 2018-05-11 Smart Packaging Solutions Module et carte a puce a mesure photo plethysmographique
CN109154960A (zh) * 2016-07-04 2019-01-04 株式会社东芝 Ic卡、可便携电子装置以及信息处理方法
WO2019178263A1 (en) * 2018-03-16 2019-09-19 Alivecor, Inc. Mobile ecg sensor apparatus
US20210065296A1 (en) * 2018-03-26 2021-03-04 Ziggurat Technologies, Inc. Intelligent trading and risk management framework
US11364091B2 (en) 2016-06-28 2022-06-21 Nihon Kohden Corporation Sensor system

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2547954B (en) * 2016-03-03 2021-12-22 Zwipe As Attack resistant biometric authorised device
WO2017210305A1 (en) * 2016-06-01 2017-12-07 Cpi Card Group - Colorado, Inc. Ic chip card with integrated biometric sensor pads
US10586031B2 (en) 2016-12-21 2020-03-10 Fingerprint Cards Ab Biometric authentication of a user
EP3665617A4 (en) 2017-08-09 2021-07-21 The Board of Trustees of the Leland Stanford Junior University BIOMETRIC ULTRASONIC MEASURING DEVICE INTEGRATED WITH AN OPTICS
US11357981B2 (en) 2018-03-01 2022-06-14 Adventus Ventures, Llc Systems and methods for controlling blood pressure
EP3671504A1 (en) * 2018-12-18 2020-06-24 Thales Dis France SA An electronic identity document comprising a non-removable secure enclave implementing an inference engine and a machine learning model
DE102019207566A1 (de) * 2019-05-23 2020-11-26 Volkswagen Aktiengesellschaft Verfahren zur Steuerung eines Sicherheitssystems einer Ladestation zum Aufladen von Elektrofahrzeugen
KR102278069B1 (ko) * 2019-10-22 2021-07-14 조선대학교산학협력단 근전도 신호 기반 사용자 인증 장치 및 인증 방법
US11741204B2 (en) 2020-07-06 2023-08-29 Bank Of America Corporation Intelligent real time resource instrument activation using electroencephalogram signals
US11949790B2 (en) 2020-10-01 2024-04-02 Bank Of America Corporation Intelligent tactile resource instrument activation using electroencephalogram signals

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5719950A (en) * 1994-03-24 1998-02-17 Minnesota Mining And Manufacturing Company Biometric, personal authentication system
WO2007022423A2 (en) * 2005-08-18 2007-02-22 Ivi Smart Technologies, Inc. Biometric identity verification system and method
US20080120509A1 (en) * 2006-11-17 2008-05-22 Simon Rodolphe J Biometrics-secured transaction card
US20100071031A1 (en) * 2008-09-15 2010-03-18 Carter Stephen R Multiple biometric smart card authentication
WO2010105250A2 (en) * 2009-03-13 2010-09-16 Proteus Biomedical, Inc. Volume sensing
JP2012190096A (ja) * 2011-03-09 2012-10-04 Nec Commun Syst Ltd 情報処理装置およびその制御方法
US20130207786A1 (en) * 2012-02-14 2013-08-15 International Business Machines Corporation Secure Data Card with Passive RFID Chip and Biometric Sensor

Family Cites Families (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SE425704B (sv) 1981-03-18 1982-10-25 Loefberg Bo Databerare
US5872834A (en) 1996-09-16 1999-02-16 Dew Engineering And Development Limited Telephone with biometric sensing device
US8049597B1 (en) * 2000-01-10 2011-11-01 Ensign Holdings, Llc Systems and methods for securely monitoring an individual
US8015592B2 (en) 2002-03-28 2011-09-06 Innovation Connection Corporation System, method and apparatus for enabling transactions using a biometrically enabled programmable magnetic stripe
WO2003003295A1 (en) 2001-06-28 2003-01-09 Trek 2000 International Ltd. A portable device having biometrics-based authentication capabilities
JP2003093368A (ja) 2001-09-20 2003-04-02 Sony Corp リング型認証デバイス、認証システム
JP4366921B2 (ja) * 2002-07-12 2009-11-18 セイコーエプソン株式会社 本人照合装置、カード型情報記録媒体及びそれを用いた情報処理システム
CZ2005209A3 (cs) 2002-09-10 2005-12-14 Ivi Smart Technologies, Inc. Bezpečné biometrické ověření identity
JP2005202505A (ja) 2004-01-13 2005-07-28 Sharp Corp 情報送信装置
US8918900B2 (en) 2004-04-26 2014-12-23 Ivi Holdings Ltd. Smart card for passport, electronic passport, and method, system, and apparatus for authenticating person holding smart card or electronic passport
US20060000894A1 (en) 2004-07-01 2006-01-05 American Express Travel Related Services Company, Inc. Method and system for fingerprint biometrics on a smartcard
CA2570739C (en) 2004-07-01 2009-09-15 American Express Travel Related Services Company, Inc. System for biometric security using a smartcard
JP2006119810A (ja) 2004-10-20 2006-05-11 Seiko Epson Corp Icカード
JP4513511B2 (ja) 2004-11-08 2010-07-28 セイコーエプソン株式会社 指紋認証装置、及びicカード
US20070198712A1 (en) 2006-02-07 2007-08-23 Biopassword, Inc. Method and apparatus for biometric security over a distributed network
EA016359B1 (ru) 2006-03-27 2012-04-30 Фабрицио Борраччи Безопасная личная карточка и способ ее использования
JP2008040961A (ja) * 2006-08-09 2008-02-21 Toppan Printing Co Ltd 個人認証システム及び個人認証方法
US20080148393A1 (en) 2006-12-15 2008-06-19 Barry Myron Wendt Neural authenticator and method
US8694793B2 (en) 2007-12-11 2014-04-08 Visa U.S.A. Inc. Biometric access control transactions
US8130078B2 (en) 2008-05-22 2012-03-06 International Business Machines Corporation RFID badge with authentication and auto-deactivation features
JP4933519B2 (ja) * 2008-12-16 2012-05-16 レノボ・シンガポール・プライベート・リミテッド 生体認証装置を備えるコンピュータ
US20120089494A1 (en) * 2010-10-08 2012-04-12 Microsoft Corporation Privacy-Preserving Metering
US8816819B2 (en) 2011-02-24 2014-08-26 Moon J. Kim Dynamic information radio-frequency identification (RFID) card with biometric capabilities
US9733746B2 (en) 2011-05-10 2017-08-15 Northwestern University Touch interface device having an electrostatic multitouch surface and method for controlling the device
EP2801049B1 (en) * 2012-01-08 2018-11-14 ImagiStar LLC System and method for item self-assessment as being extant or displaced
EP3132402A4 (en) 2014-04-14 2017-11-15 Capital One Financial Corporation Systems and methods for initiating and authorizing transactions using a detectable device
KR102501243B1 (ko) 2016-04-12 2023-02-17 삼성전자주식회사 전자 장치 및 그의 동작 방법

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5229764A (en) * 1991-06-20 1993-07-20 Matchett Noel D Continuous biometric authentication matrix
US5719950A (en) * 1994-03-24 1998-02-17 Minnesota Mining And Manufacturing Company Biometric, personal authentication system
WO2007022423A2 (en) * 2005-08-18 2007-02-22 Ivi Smart Technologies, Inc. Biometric identity verification system and method
US20080120509A1 (en) * 2006-11-17 2008-05-22 Simon Rodolphe J Biometrics-secured transaction card
US20100071031A1 (en) * 2008-09-15 2010-03-18 Carter Stephen R Multiple biometric smart card authentication
WO2010105250A2 (en) * 2009-03-13 2010-09-16 Proteus Biomedical, Inc. Volume sensing
JP2012190096A (ja) * 2011-03-09 2012-10-04 Nec Commun Syst Ltd 情報処理装置およびその制御方法
US20130207786A1 (en) * 2012-02-14 2013-08-15 International Business Machines Corporation Secure Data Card with Passive RFID Chip and Biometric Sensor

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107851207A (zh) * 2015-08-07 2018-03-27 维普公司 安全保护的无源rifd装置
US20180253634A1 (en) * 2015-08-07 2018-09-06 Zwipe As Security protected passive rfid device
WO2017123098A1 (en) * 2016-01-12 2017-07-20 Kk88.No As A method for verifying the identity of a person
US11364091B2 (en) 2016-06-28 2022-06-21 Nihon Kohden Corporation Sensor system
CN109154960A (zh) * 2016-07-04 2019-01-04 株式会社东芝 Ic卡、可便携电子装置以及信息处理方法
EP3480717A4 (en) * 2016-07-04 2020-02-12 Kabushiki Kaisha Toshiba IC CARD, PORTABLE ELECTRONIC DEVICE, AND INFORMATION PROCESSING METHOD
FR3058544A1 (fr) * 2016-11-08 2018-05-11 Smart Packaging Solutions Module et carte a puce a mesure photo plethysmographique
WO2019178263A1 (en) * 2018-03-16 2019-09-19 Alivecor, Inc. Mobile ecg sensor apparatus
US20210065296A1 (en) * 2018-03-26 2021-03-04 Ziggurat Technologies, Inc. Intelligent trading and risk management framework

Also Published As

Publication number Publication date
EP3097515A4 (en) 2017-11-08
RU2016133951A (ru) 2018-03-02
EP3097515A1 (en) 2016-11-30
KR20160111447A (ko) 2016-09-26
US10127367B2 (en) 2018-11-13
EP3097515B1 (en) 2020-12-09
CN106415610A (zh) 2017-02-15
JP2017508225A (ja) 2017-03-23
JP6562947B2 (ja) 2019-08-21
RU2016133951A3 (ja) 2018-08-21
US20160335426A1 (en) 2016-11-17
CN106415610B (zh) 2019-07-26

Similar Documents

Publication Publication Date Title
US10127367B2 (en) Personal identification system having a contact pad for processing biometric readings
JP7089020B2 (ja) 光学機器と統合された超音波生体感知デバイス
US9258300B2 (en) ECG measuring device and method thereof
US10076920B2 (en) Card with integrated fingerprint authentication
RU2558617C2 (ru) Система обработки защищенных личных данных и управления ими
CA2835460C (en) System and method for enabling continuous or instantaneous identity recognition based on physiological biometric signals
CN104487987B (zh) 用于防止欺诈的系统和方法
CN104662550B (zh) 个人的生物计量认证
CN109640820A (zh) 由具有多个传感器的服装进行的生物特征识别
US20030128867A1 (en) Obtaining biometric identification using a direct electrical contact
CN106031638A (zh) 基于指纹和心电图信号的用户验证方法和设备
Zhao et al. Securing handheld devices and fingerprint readers with ECG biometrics
CN105518729A (zh) 在线商业中生物特征图像的用途
KR102507269B1 (ko) 생체 정보를 이용하여 보안성을 높일 수 있는 센서, 상기 센서를 포함하는 모바일 장치, 및 상기 모바일 장치의 인증 방법
WO2011034831A2 (en) Systems and methods for securely monitoring an individual
JP5642210B2 (ja) 電子バイオメトリック識別認識のための方法及び装置
WO2017198093A1 (zh) 穿戴式设备和识别生物特征的方法
Lehmann et al. Heartbeats in the wild: a field study exploring ECG biometrics in everyday life
TWM514042U (zh) 利用多種生理資訊混合辨識身份的系統
Hoshyar et al. Review on finger vein authentication system by applying neural network
KR101793587B1 (ko) 원격진료환자 본인확인을 위한 사용자 인증가능 산소포화도 측정 기능을 구비한 모바일기기 및 이를 이용한 산소포화도 측정 방법
Rahman et al. On the Feasibility of Handwritten Signature Authentication Using PPG Sensor
Shrotri et al. IR-webcam imaging and vascular pattern analysis towards hand vein authentication
CN204856501U (zh) 基于动态口令牌的指静脉识别终端
KR20230076167A (ko) 심전도 인증을 이용한 출입보안관리 시스템 및 이를 이용한 개인인증방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15741074

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2016564355

Country of ref document: JP

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 15112590

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

REG Reference to national code

Ref country code: BR

Ref legal event code: B01A

Ref document number: 112016016731

Country of ref document: BR

ENP Entry into the national phase

Ref document number: 20167022486

Country of ref document: KR

Kind code of ref document: A

REEP Request for entry into the european phase

Ref document number: 2015741074

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2015741074

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2016133951

Country of ref document: RU

Kind code of ref document: A

ENP Entry into the national phase

Ref document number: 112016016731

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20160719